[HarfBuzz] harfbuzz: Branch 'master' - 3 commits

Behdad Esfahbod behdad at kemper.freedesktop.org
Fri Nov 23 03:22:58 UTC 2018


 src/hb-aat-layout-kerx-table.hh |    3 +++
 src/hb-aat-layout-morx-table.hh |    3 +++
 src/hb-machinery.hh             |   30 +++++++++++++++++++-----------
 src/hb-ot-cmap-table.hh         |   18 ++++++++++--------
 4 files changed, 35 insertions(+), 19 deletions(-)

New commits:
commit e4a4555d1e40dacdf72452805e9e6b6109627d63
Author: Behdad Esfahbod <behdad at behdad.org>
Date:   Thu Nov 22 22:17:49 2018 -0500

    [cmap] Move code around

diff --git a/src/hb-ot-cmap-table.hh b/src/hb-ot-cmap-table.hh
index b7d17018..4297550f 100644
--- a/src/hb-ot-cmap-table.hh
+++ b/src/hb-ot-cmap-table.hh
@@ -863,14 +863,6 @@ struct cmap
     hb_vector_t<CmapSubtableLongGroup> format12_groups;
   };
 
-  inline bool sanitize (hb_sanitize_context_t *c) const
-  {
-    TRACE_SANITIZE (this);
-    return_trace (c->check_struct (this) &&
-		  likely (version == 0) &&
-		  encodingRecord.sanitize (c, this));
-  }
-
   inline bool _create_plan (const hb_subset_plan_t *plan,
 			    subset_plan *cmap_plan) const
   {
@@ -1171,6 +1163,16 @@ struct cmap
     return &(this+encodingRecord[result].subtable);
   }
 
+  public:
+
+  inline bool sanitize (hb_sanitize_context_t *c) const
+  {
+    TRACE_SANITIZE (this);
+    return_trace (c->check_struct (this) &&
+		  likely (version == 0) &&
+		  encodingRecord.sanitize (c, this));
+  }
+
   protected:
   HBUINT16		version;	/* Table version number (0). */
   SortedArrayOf<EncodingRecord>
commit 758c9d68e2143493978d8ac8391f4af2a2abc26a
Author: Behdad Esfahbod <behdad at behdad.org>
Date:   Thu Nov 22 22:16:12 2018 -0500

    [morx/kerx] Limit range to subtable when sanitizing

diff --git a/src/hb-aat-layout-kerx-table.hh b/src/hb-aat-layout-kerx-table.hh
index 8292dca6..bb88d9d1 100644
--- a/src/hb-aat-layout-kerx-table.hh
+++ b/src/hb-aat-layout-kerx-table.hh
@@ -953,10 +953,12 @@ struct KerxTable
     unsigned int count = thiz()->tableCount;
     for (unsigned int i = 0; i < count; i++)
     {
+      c->set_object (*st);
       if (unlikely (!st->sanitize (c)))
 	return_trace (false);
       st = &StructAfter<SubTable> (*st);
     }
+    c->reset_object ();
 
     return_trace (true);
   }
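Review bot: `c->set_object (*st)` runs before anything in this loop has checked that the subtable header at `st` lies inside the blob, and set_object() (see the hb-machinery.hh change on this page) calls `obj.get_size ()`, which presumably reads the font-supplied length field. For i > 0, `st` comes from `StructAfter` of the previous subtable, so a font with an inflated length could make that read land outside the table unless the previous subtable's sanitize already rules it out, which is not visible here. I would validate just the fixed header first, along the lines of `if (unlikely (!c->check_range (st, HEADER_SIZE))) return_trace (false);`, where HEADER_SIZE is a placeholder for the subtable header's static size, and only then narrow the range. The same ordering appears in the morx hunk (`c->set_object (*subtable);` in Chain), and both loops leave the range narrowed on the early `return_trace (false)` path. The enclosing sanitize function starts outside the hunk.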
diff --git a/src/hb-aat-layout-morx-table.hh b/src/hb-aat-layout-morx-table.hh
index cb871d2a..7a39eea8 100644
--- a/src/hb-aat-layout-morx-table.hh
+++ b/src/hb-aat-layout-morx-table.hh
@@ -1061,10 +1061,12 @@ struct Chain
     unsigned int count = subtableCount;
     for (unsigned int i = 0; i < count; i++)
     {
+      c->set_object (*subtable);
       if (!subtable->sanitize (c))
 	return_trace (false);
       subtable = &StructAfter<ChainSubtable<Types> > (*subtable);
     }
+    c->reset_object ();
 
     return_trace (true);
   }
commit a9fe787a11fc391d9a43a4ea19e6eb1c474199bd
Author: Behdad Esfahbod <behdad at behdad.org>
Date:   Thu Nov 22 22:12:36 2018 -0500

    [sanitizer] Add reset_object(), make set_object() do bounds-check
    
    Affects morx/kerx run-time only currently.  Will adjust their sanitize next.

diff --git a/src/hb-aat-layout-kerx-table.hh b/src/hb-aat-layout-kerx-table.hh
index 21097276..8292dca6 100644
--- a/src/hb-aat-layout-kerx-table.hh
+++ b/src/hb-aat-layout-kerx-table.hh
@@ -934,6 +934,7 @@ struct KerxTable
       st = &StructAfter<SubTable> (*st);
       c->set_lookup_index (c->lookup_index + 1);
     }
+    c->sanitizer.reset_object ();
 
     return ret;
   }
diff --git a/src/hb-aat-layout-morx-table.hh b/src/hb-aat-layout-morx-table.hh
index bbe952fa..cb871d2a 100644
--- a/src/hb-aat-layout-morx-table.hh
+++ b/src/hb-aat-layout-morx-table.hh
@@ -1041,6 +1041,7 @@ struct Chain
       subtable = &StructAfter<ChainSubtable<Types> > (*subtable);
       c->set_lookup_index (c->lookup_index + 1);
     }
+    c->sanitizer.reset_object ();
   }
 
   inline unsigned int get_size (void) const { return length; }
diff --git a/src/hb-machinery.hh b/src/hb-machinery.hh
index cb30e990..edef5405 100644
--- a/src/hb-machinery.hh
+++ b/src/hb-machinery.hh
@@ -259,26 +259,34 @@ struct hb_sanitize_context_t :
 
   inline void set_max_ops (int max_ops_) { max_ops = max_ops_; }
 
-  /* TODO
-   * This set_object() thing is to use sanitize at runtime lookup
-   * application time.  This is very distinct from the regular
-   * sanitizer operation, so, eventually, separate into another
-   * type and make hb_aat_apply_context_t use that one instead
-   * of abusing this one.
-   */
   template <typename T>
   inline void set_object (const T& obj)
   {
-    this->start = (const char *) &obj;
-    this->end = (const char *) &obj + obj.get_size ();
-    assert (this->start <= this->end); /* Must not overflow. */
+    reset_object ();
+
+    const char *obj_start = (const char *) &obj;
+    const char *obj_end = (const char *) &obj + obj.get_size ();
+    assert (obj_start <= obj_end); /* Must not overflow. */
+
+    if (unlikely (obj_end < this->start || this->end < obj_start))
+      this->start = this->end = nullptr;
+    else
+    {
+      this->start = MAX (this->start, obj_start);
+      this->end   = MIN (this->end  , obj_end  );
+    }
   }
 
-  inline void start_processing (void)
+  inline void reset_object (void)
   {
     this->start = this->blob->data;
     this->end = this->start + this->blob->length;
     assert (this->start <= this->end); /* Must not overflow. */
+  }
+
+  inline void start_processing (void)
+  {
+    reset_object ();
     this->max_ops = MAX ((unsigned int) (this->end - this->start) * HB_SANITIZE_MAX_OPS_FACTOR,
 			 (unsigned) HB_SANITIZE_MAX_OPS_MIN);
     this->edit_count = 0;
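Review bot: In the new set_object() the only guard on `obj_start + obj.get_size ()` is `assert (obj_start <= obj_end)`, and the size presumably comes from font data. With asserts enabled a malformed font aborts the process instead of failing sanitize, and with NDEBUG the addition can still form a pointer beyond the blob (undefined behaviour) before the `MIN`/`MAX` clamp runs. Clamping the length against the bytes remaining before adding it avoids both cases and never forms a pointer past `this->end`. Separately, the deleted TODO was the only explanation of why the range is narrowed; a short comment stating that set_object() intersects the blob range with the object and reset_object() restores the full blob would help readers.

```cpp
  template <typename T>
  inline void set_object (const T& obj)
  {
    reset_object ();

    const char *obj_start = (const char *) &obj;
    if (unlikely (obj_start < this->start || this->end <= obj_start))
      this->start = this->end = nullptr;
    else
    {
      /* Clamp the length to what is left in the blob before adding it. */
      size_t avail = (size_t) (this->end - obj_start);
      size_t size = obj.get_size ();
      this->start = obj_start;
      this->end   = obj_start + (size < avail ? size : avail);
    }
  }
  // … unchanged: reset_object (), start_processing () …
```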

